<!--#include file="config.asp" -->
<%
'*****************************************************
'Description: 登录验证功能，包括用户名、密码、用户类型、随机验证码
'Copyright:Copyright(c)2012
'Company:204studio
'@author:klarkyang
'@version:1.0
'******************************************************
%>
<!--#include file="conn.asp" -->
<!--#include file="inc/Sha1.asp" -->
<!--#include file="inc/EasyIDE.asp" -->
<!--#include file="inc/CommonUtils.asp" -->
<!--#include file="inc/SysFunction.asp" -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><%=SITENAME%></title>
</head>
<body>
<%
username = che(request.Form("username"))
password = che(request.Form("password"))
txt_check = che(request.Form("txt_check"))

sql="select * from cw_users where username='"&username&"' and password='"&sha1(password)&"'"
set rs=conn.execute(sql)
if rs.eof or rs.bof then
	call alertTip("用户名密码输入错误，请重新输入！")
else
	'验证随机码是否填写正确
	if trim(session("validateCode")) <> trim(txt_check) then 
		ErrorMessage = "验证码错误请重新输入验证码！" 
		response.write("<script>alert('"&ErrorMessage&"');location.href='index.asp'; </script>") 
	else
		session("username")=username

		session("realname") = rs("realName")
		response.Redirect("main/admin.asp")
	end if
end if
%>
</body>
</html>